Anastasia MavridouSGT Inc. / NASA Ames Research Center · Robust Software Engineering
Anastasia Mavridou
PhD
About
70
Publications
64,158
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,455
Citations
Introduction
I am a computer scientist in the Robust Software Engineering group at the NASA Ames Research Center, employed by Stinger Ghaffarian Technologies. My research interests lie in the area of component-based design, modeling and analysis of concurrent systems with a focus on correct-by-construction techniques.
More information can be found on my webpage: amavridou.com
Additional affiliations
January 2017 - August 2017
Publications
Publications (70)
The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and Internet-of-Things. However, a significant number of smart contracts deploye...
A strong separation of concerns is necessary in order to make the design of domain-specific functional components independent from cross-cutting concerns, such as concurrent access to the shared resources of the execution platform. Native coordination mechanisms, such as locks and monitors, allow developers to address these issues. However, such so...
In this case study, we apply the architecture-based design approach to the control software of the CubETH satellite. Architectures are a means for ensuring global coordination properties and thus, achieving correctness of complex systems by construction. We illustrate the following three steps of the design approach: 1) definition of a domain-speci...
Architecture styles characterise families of architectures sharing common characteristics. We have recently proposed configuration logics for architecture style specification. In this paper, we study a graphical notation to enhance readability and easiness of expression. We study simple architecture diagrams and a more expressive extension, interva...
We study a framework for the specification of architecture styles as families of architectures involving a common set of types of components and coordination mechanisms. The framework combines two logics: 1) interaction logics for the specification of architectures as generic coordination schemes involving a configuration of interactions between ty...
This report primarily identifies a collection of relevant and necessary evidence for assurance of machine learnt components (MLCs)—also known as learning-enabled components—integrated into aircraft systems, and gives preliminary suggestions on the elements of a certification process that invoke the identified evidence. The main focus is on feedforw...
PLCverif is an actively developed project at CERN, enabling the formal verification of Programmable Logic Controller (PLC) programs in critical systems. In this paper, we present our work on improving the formal requirements specification experience in PLCverif through the use of natural language. To this end, we integrate NASA’s FRET, a formal req...
[Context & Motivation] Requirements specification and analysis is widely applied to ensure the correctness of industrial systems in safety critical domains. Requirements are often initially written in natural language, which is highly ambiguous, and as a second step transformed into a language with rigorous semantics for formal analysis. [Question/...
Context & Motivation: The development of software that learns has revolutionized how many systems perform. For the most part, these systems are neither safety- nor mission-critical. However, as technology and aspirations advance, there is an increased desire and need for Machine Learning (ML) software in safety- and mission-critical systems, e.g.,...
PLCverif is an actively developed project at CERN, enabling the formal verification of Programmable Logic Controller (PLC) programs in critical systems. In this paper, we present our work on improving the formal requirements specification experience in PLCverif through the use of natural language. To this end, we integrate NASA’s FRET, a formal req...
Formal methods and tools have become well established and widely applied to ensure the correctness of fundamental components of industrial critical systems in domains like railways, avionics and automotive. In this Introduction to the special issue, we outline a number of recent achievements concerning the use of formal methods and tools for the sp...
Runtime verification (RV) has the potential to enable the safe operation of safety-critical systems that are too complex to formally verify, such as Robot Operating System 2 (ROS2) applications. Writing correct monitors can itself be complex, and errors in the monitoring subsystem threaten the mission as a whole. This paper provides an overview of...
Requirements formalization has become increasingly popular in industrial settings as an effort to disambiguate designs and optimize development time and costs for critical system components. Formal requirements elicitation also enables the employment of analysis tools to prove important properties, such as consistency and realizability. In this pap...
Runtime verification (RV) enables monitoring systems at runtime, to detect property violations early and limit their potential consequences. This paper presents an end-to-end framework to capture requirements in structured natural language and generate monitors that capture their semantics faithfully. We leverage NASA’s Formal Requirement Elicitati...
Blockchain-based smart contracts enable the creation of decentralized applications, which often handle assets of considerable value. While the underlying platforms guarantee the correctness of smart-contract execution, they cannot ensure that the code of a contract is correct. Today, as evidenced by a number of recent security breaches, developers...
Realizability checking refers to the formal procedure that aims to determine whether an implementation exists, always complying to a set of requirements, regardless of the stimuli provided by the system’s environment. Such a check is essential to ensure that the specification does not allow behavior that can force the system to violate safety const...
Novel computing paradigms, e.g., the Cloud, introduce new requirements with regard to access control such as utilization of historical information and continuity of decision. However, these concepts may introduce an additional level of complexity to the underpinning model, rendering its definition and verification a cumbersome and prone to errors p...
This volume contains the proceedings of ICE'21, the 14th Interaction and Concurrency Experience, which was held online on the 18th of June 2021, as a satellite event of DisCoTec'21. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 13 editions,...
The complexity and flexibility of autonomous robotic systems necessitates a range of distinct verification tools. This presents new challenges not only for design verification but also for assurance approaches. Combining the distinct formal verification tools, while maintaining sufficient formal coherence to provide compelling assurance evidence is...
The use of structured natural languages to capture requirements provides a reasonable trade-off between ambiguous natural language and unintuitive formal notations. There are two major challenges in making structured natural language amenable to formal analysis: (1) formalizing requirements as formulas that can be processed by analysis tools and (2...
This book constitutes the proceedings of the 26th International Workshop on Formal Methods for Industrial Critical Systems, FMICS 2021, which was held during August 24-26, 2021. The conference was planned to take place in Pairs, France. Due to the COVID-19 pandemic it changed to a virtual event.
The 10 full papers and 6 short papers presented in th...
The Independent Configurable Architecture for Reliable Operations of Unmanned Systems (ICAROUS) is a software architecture incorporating a set of algorithms to enable autonomous operations of unmanned aircraft applications. This paper provides an overview of Monitoring ICAROUS, a project whose objective is to provide a formal approach to generating...
This volume contains the proceedings of ICE'20, the 13th Interaction and Concurrency Experience, which was held online on the 19th of June 2020, as a satellite event of DisCoTec'20. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As in the past 12 editions,...
The emergence of blockchains and smart contracts has renewed interest in electrical cyberphysical systems, especially transactive energy systems. To address the associated challenges, we present TRANSAX, a blockchain-based transactive energy system that provides an efficient, safe, and privacy-preserving market built on smart contracts.
The original versions of this book and Chapter 14 were revised. The following was corrected:
Dimitra Giannakopoulou, the General Chair of the NFM 2020 conference, was inadvertently forgotten and, therefore, added as a volume editor.
Chapter 14 was retrospectively made available open access under a CC BY 4.0 license at link.springer.com.
[Motivation] The use of structured natural languages to capture requirements provides a reasonable trade-off between ambiguous natural language and unintuitive formal notations. [Problem] There are two major challenges in making structured natural language amenable to formal analysis: (1) associating requirements with formulas that can be processed...
Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system's inception. Vyper aims to address these vulnerabilities by providing a language that is aimed at simplicity, auditability and security. We pres...
This book constitutes the proceedings of the 12th International Symposium on NASA Formal Methods, NFM 2020, held in Moffett Field, CA, USA, in May 2020.*
The 20 full and 5 short papers presented in this volume were carefully reviewed and selected from 62 submissions. The papers are organized in the following topical sections: learning and formal sy...
The adoption of blockchain based distributed ledgers is growing fast due to their ability to provide reliability, integrity, and auditability without trusted entities. One of the key capabilities of these emerging platforms is the ability to create self-enforcing smart contracts. However, the development of smart contracts has proven to be error-pr...
This volume contains the proceedings of ICE'19, the 12th Interaction and Concurrency Experience, which was held in Copenhagen, Denmark on the 20th and 21st of June 2019, as a satellite event of DisCoTec'19. The ICE workshop series features a distinguishing review and selection procedure, allowing PC members to interact anonymously with authors. As...
The adoption of blockchain based distributed ledgers is growing fast due to their ability to provide reliability, integrity, and auditability without trusted entities. One of the key capabilities of these emerging platforms is the ability to create self-enforcing smart contracts. However, the development of smart contracts has proven to be error-pr...
The adoption of blockchain-based distributed computation platforms is growing fast. Some of these platforms, such as Ethereum, provide support for implementing smart contracts, which are envisioned to have novel applications in a broad range of areas, including finance and the Internet-of-Things. However, a significant number of smart contracts dep...
Modeling languages are often used for designing complex systems. To simplify the modeling process, system designers can use dedicated modeling frameworks, which provide all necessary tools and services in order to facilitate system development and decrease costs by eliminating errors early at design time. Nowadays, the emergence of heterogeneous en...
The early validation of requirements aims to reduce the need for the high-cost validation testing and corrective measures at late development stages. This work introduces a systematic process for the unambiguous specification of system requirements and the guided derivation of formal properties, which should be implied by the system 's structure an...
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely...
Internet of Things and data sciences are fueling the development of innovative solutions for various applications in Smart and Connected Communities (SCC). These applications provide participants with the capability to exchange not only data but also resources, which raises the concerns of integrity, trust, and above all the need for fair and optim...
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely...
Usage control models provide an integration of access control, digital rights, and trust management. To achieve this integration, usage control models support additional concepts such as attribute mutability and continuity of decision. However, these concepts may introduce an additional level of complexity to the underlying model, rendering its def...
The Behavior-Interaction-Priority (BIP) framework, rooted in rigorous semantics, allows the construction of systems that are correct-by-design. BIP has been effectively used for the construction and analysis of large systems such as robot controllers and satellite on-board software. Nevertheless, the specification of BIP models is done in a purely...
Internet of Things and data sciences are fueling the development of innovative solutions for various applications in Smart and Connected Communities (SCC). These applications provide participants with the capability to exchange not only data but also resources, which raises the concerns of integrity, trust, and above all the need for fair and optim...
Blockchain-based distributed computing platforms enable the trusted execution of computation—defined in the form of smart contracts—without trusted agents. Smart contracts are envisioned to have a variety of applications, ranging from financial to IoT asset tracking. Unfortunately, the development of smart contracts has proven to be extremely error...
Usage control models provide an integration of access control, digital rights, and trust management. To achieve this integration, usage control models support additional concepts such as attribute mutability and continuity of decision. However, these concepts may introduce an additional level of complexity to the underlying model, rendering its def...
Blockchain-based distributed computing platforms enable the trusted execution of computation - defined in the form of smart contracts - without trusted agents. Smart contracts are envisioned to have a variety of applications, ranging from financial to IoT asset tracking. Unfortunately, the development of smart contracts has proven to be extremely e...
JavaBIP allows the coordination of software components by clearly separating the functional and coordination aspects of the system behavior. JavaBIP implements the principles of the BIP component framework rooted in rigorous operational semantics. Recent work both on BIP and JavaBIP allows the coordination of static components defined prior to syst...
We have developed a design studio for modeling, analyzing, and generating Java code with BIP [1]. BIP is a framework for component-based design correct-by-construction applications. BIP is supported by a simple, yet powerful modular language with rigorous operational semantics. Additionally BIP is supported by a dedicated tool-set including code-ge...
JavaBIP allows the coordination of software components by clearly separating the functional and coordination aspects of the system behavior. JavaBIP implements the principles of the BIP component framework rooted in rigorous operational semantics. Recent work both on BIP and JavaBIP allows the coordination of static components defined prior to syst...
JavaBIP allows the coordination of software components by clearly separating the functional and coordination aspects of the system behaviour. JavaBIP implements the principles of the BIP component framework rooted in rigorous operational semantics. Recent work both on BIP and JavaBIP allows the coordination of static components defined prior to sys...
We present the WebGME-BIP design studio developed using the WebGME tool for the specification of architecture diagrams, which is a graphical language that describes architecture styles with rigorous semantics. WebGME is a novel, web- and cloud-based, collaborative, scalable (meta)modeling tool that supports the design of Domain Specific Modeling La...
In this case study, we apply the architecture-based design approach to the control software of the CubETH satellite. Architectures are a means for ensuring global coordination properties and thus, achieving correctness of complex systems by construction. The design approach comprises three main steps: 1) definition of a domain-specific taxonomy of...
Architecture styles characterise not a single architecture but a family of architectures sharing common characteristics. We have recently proposed configuration logics for the description of architecture styles. In this paper, we define a graphical notation for architecture style specification to enhance readability and easiness of expression. Our...
We study a framework for the specification of architecture styles as families of architectures involving a common set of types of components and coordination mechanisms. The framework combines two logics: (1) interaction logics for the specification of architectures as generic coordination schemes involving a configuration of interactions between t...
Coordinating component behaviour and access to resources is among the key difficulties of building large concurrent systems. To address this, developers must be able to manipulate high-level concepts, such as Finite State Machines and separate functional and coordination aspects of the system behaviour. OSGi associates to each bundle a state machin...
SCADA systems monitor and control many critical installations around the world, interpreting information gathered from a multitude of resources to drive physical processes to a desired state. In order for the system to react correctly, the data it collects from sensors must be reliable, accurate, and timely, regardless of distance and environmental...
Security, access control and risk mitigation in the smart grid are matters of great impact for this important sector of the critical infrastructure. Situational awareness requires a means of aggregating information and presenting that information in a manner conducive to assessing risk. While major components of the electric power grid were traditi...
networks, are now using IP based, interconnected networks to transmit Supervisory Control and Data Acquisition (SCADA) messages. SCADA protocols were not designed with security in mind. Therefore, in order to enhance security, access control and risk mitigation, operators need detailed and accurate information about the status, integrity, configura...
SCADA systems monitor and control many critical installations around the world, interpreting information gathered from a multitude of resources to drive physical processes to a desired state. In order for the system to react correctly, the data it collects from sensors must be reliable, accurate, and timely, regardless of distance and environmental...
Enhancing the e-Learning systems with reputation, a commonly used notion in e-Commerce systems, adds value to the resource. In this paper a RDF-based e- Learning framework that is based on reputation meta- data and educational standards is proposed. More- over, the model and the retrieval algorithm of a proper recommendation system are described. T...